9.3

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
XenXen Version <= 4.5.0
XenXen Version4.5.1
FedoraprojectFedora Version21
FedoraprojectFedora Version22
SuseLinux Enterprise Debuginfo Version11 Updatesp1
SuseLinux Enterprise Server Version10 Updatesp4 SwEditionltss
SuseLinux Enterprise Server Version11 Updatesp1 SwEditionltss
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
RedhatOpenstack Version5.0
RedhatOpenstack Version6.0
RedhatVirtualization Version3.0
RedhatEnterprise Linux Eus Version6.7
AristaEos Version4.12
AristaEos Version4.13
AristaEos Version4.14
AristaEos Version4.15
OracleLinux Version7 Update0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 10.86% 0.931
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
Third Party Advisory
Mailing List
Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html
Third Party Advisory
Mailing List
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1674.html
Third Party Advisory
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1683.html
Third Party Advisory
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1739.html
Third Party Advisory
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1740.html
Third Party Advisory
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1793.html
Third Party Advisory
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2015-1833.html
Third Party Advisory
Issue Tracking
http://support.citrix.com/article/CTX201717
Third Party Advisory
Broken Link
http://www.securityfocus.com/bid/76153
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1033176
Third Party Advisory
VDB Entry